REGULATORY SCRUTINY BOARD OPINION Review of Payment Services in the internal market

EUROPEAN COMMISSION
3.3.2023
SEC(2023) 256
{COM(2023) 366, 367}
{SWD(2023) 231, 232}
REGULATORY SCRUTINY BOARD OPINION
Review of Payment Services
in the internal market
Offentligt
KOM (2023) 0366 - SEK-dokument
Europaudvalget 2023
________________________________
This opinion concerns a draft impact assessment which may differ from the final version.
Commission européenne/Europese Commissie, 1049 Bruxelles/Brussel, BELGIQUE/BELGIË - Tel. +32 22991111
regulatory-scrutiny-board@ec.europa.eu
EUROPEAN COMMISSION
REGULATORY SCRUTINY BOARD
Brussels,
RSB
Opinion
Title: Impact assessment / Review of Payment Services in the internal
market Directive (PSD 2)
Overall opinion: POSITIVE WITH RESERVATIONS
(A) Policy context
The 2015 second Payment Services Directive (PSD2) forms the legal framework for retail
payments in the EU and is designed to create a competitive single market for payments
while protecting payment service users and ensuring security and ease of payments. The
ex-post evaluation of the PSD2 found that some of these objectives, such as consumer
protection, innovation and level playing field, were only partially achieved.
This initiative aims to address identified shortcomings regarding payment fraud, Open
Banking services, enforcement and implementation by Member States. It also aims to
simplify the access to payment systems of Payment Institutions and E-Money Institutions
to address concerns about regulatory arbitrage and uneven level playing field.
(B) Summary of findings
The Board notes the additional information provided and commitments to make
changes to the report.
However, the report still contains significant shortcomings. The Board gives a
positive opinion with reservations because it expects the DG to rectify the following
aspects:
(1) The report lacks clarity on consumer demand for Open Banking and on the
extent to which consumer confidence in data sharing and cybersecurity may
affect uptake.
(2) The report does not provide sufficient impact analysis, in particular on
competitiveness, SMEs, consumers and Member States as well as the impact of
the proposed flanking measures.
(3) The report does not provide sufficient clarity, including granular analysis, on the
costs and benefits for the preferred set of measures.
2
(C) What to improve
(1) The report should further develop the analysis of the problem related to the low take-up
of Open Banking services in the EU. It should cite and build on the related evaluation
findings thereby ensuring that the evaluation feeds better into the problem definition. It
should provide clear data on the existing and projected consumer demand for Open
Banking in the EU. The analysis should explain to what extent consumer behaviour,
including reluctance to share data due to lack of trust and cybersecurity concerns,
affects the uptake. It should explore to what extent the higher fraud risk, as detailed in
the report, influences consumer trust and presents a barrier to the use of Open Banking
services in the internal market. It should be more specific on potential differences in
intra- and extra-EU cross-border fraud rates and clearer on the root causes for such
differences across the Member States, and how the policy options will address them.
(2) The report should further highlight the initiative’s importance for security, particularly
cyber security but also more widely. In this respect it should strengthen the section on
coherence by exploring potential synergies with the Anti Money Laundering
Directive.The report should clarify to what extent invoice fraud is a problem that needs
attention at EU level and the extent to which it is within the scope of the initiative.
(3) Given the envisaged repeal of parts of the Directive, and the consequences for the
national legal systems, the report should strengthen the presentation of the arguments
in favour of a Regulation, including by better demonstrating that the expected benefits
will clearly outweigh any negative impacts on existing systems. This analysis should
be informed by the views of Member States.
(4) The report should further develop the impact analysis of all measures, including
combinations thereof. It should sufficiently assess all relevant significant impacts. In
particular, it should:
 Provide more analysis on impacts and distributional effects of options on
competition among the different types of payment service providers and discuss
how the competitiveness of EU originating operators (compared to third country
head quartered operators) may be affected.
 Analyse the impact on SMEs including undertaking the SME test. The analysis
should include the differentiation of costs by size of businesses to be affected, in
particular for the option on the extension of the provision of IBAN/name
verification.
 Assess the impacts on Member States by identifying those that will face
significantly higher (or lower) implementation costs, including those resulting from
the repeals of parts of the Directive.
 Explain how consumers will be impacted. This should include the analysis of
possible additional fees (for the IBAN verification service) and any cost past
through as well as the impact on fundamental rights of consumers.
 Analyse macroeconomic impacts given the importance of retail payments for
economic activity.
(5) The report should better integrate the flanking measures into the analysis. It should link
them more clearly with the problems and objectives and consider presenting them as
horizontal measures part of all relevant combinations of options. It should explain
whether there are any significant impacts resulting from those measures and, if there
are, they should be assessed and quantified to the extent possible. In particular, this
should include the quantification of the impact of simplification as a result of the
integration of the Second e-Money Directive to PSD2, as part of the One In, One Out
approach.
3
(6) The report should include an overview of the costs and benefits of each option per
problem area (including combinations thereof) and provide more detail on the scoring
used in the comparison of options tables. It should ensure that the current scores bring
out clearly how the different combination of measures compare to individual measures.
For instance with respect to the problem area fraud, it should clarify what the
additional effect of their combination would be, since most of the individual measures
already seem to deliver maximum performance on all assessment criteria.
(7) The report should better assess the combined effect of and synergies between the
preferred measures identified per problem area. It should further discuss
proportionality of the proposed measures using the results of the granular cost benefit
analysis.
The Board notes the estimated costs and benefits of the preferred option(s) in this
initiative, as summarised in the attached quantification tables.
Some more technical comments have been sent directly to the author DG.
(D) Conclusion
The DG must revise the report in accordance with the Board’s findings before
launching the interservice consultation.
If there are any changes in the choice or design of the preferred option in the final
version of the report, the DG may need to further adjust the attached quantification
tables to reflect this.
Full title Impact assessment accompanying the prososal for a Regulation
on payment services in the internal market, repealing Directive
2015/2366 on payment services in the internal market, and the
proposal on licencing and supervision of payment institutions
and Electronic Money Institutions, repealing Directive
2009/110/EC on the taking up, pursuit and prudential
supervision of the business of electronic money institutions, and
amending Directive 98/26/EC on settlement finality in payment
and securities settlement systems.
Reference number PLAN/2022/892, PLAN/2022/1630
Submitted to RSB on 06 February 2023
Date of RSB meeting 01 March 2023
4
ANNEX: Quantification tables extracted from the draft impact assessment report
The following tables contain information on the costs and benefits of the initiative on
which the Board has given its opinion, as presented above.
If the draft report has been revised in line with the Board’s recommendations, the content
of these tables may be different from those in the final version of the impact assessment
report, as published by the Commission.
I. Overview of Benefits (total for all provisions) – Preferred Option
Description Amount Comments
Direct benefits
Reduction of payment fraud The combined effect of the
proposed anti-fraud measures can
be anticipated as a reduction of a
few percentage points in APP fraud
(for example, a 10% reduction
would represent €32 million of
benefit annually). Wider use of
SCA will also contribute to a
reduction in all payment fraud.
The value of APP fraud in 2020 for all SEPA
euro credit transfers in the EU is estimated
by Commission services on the basis of EBA
data at approximately € 323 million.
Better legal framework for
Open Banking
The proposed changes are intended
to support further growth of the OB
sector in addition to the projected
growth with no legislative change
(baseline). Assuming the changes
can increase the existing growth
trend of Open Banking by, for
example, 10%, it would create an
additional €2 bn of OB market
value by end 2027.
Various market research projects OB will
grow. Some research explicitly include
legislative changes in their predication,
others do not. Taking these reports as a
baseline, the EU OB users would grow from
15.5 mln users end 2021 to about 60 mln end
2024 and 80 mln end 2027. OB market value
is estimated to increase from €5.5 bn end of
2021 to €11 bn end 2024 and €20.5 bn end
2027. With TPPs reported to have made
additional revenues (recurring) of €1.9 bn for
2021 (35% of €5.5 bn, based on €1.6
revenues reported for 2020). Cumulative OB
benefits, using the same assumptions as for
users and market value, is estimated to be
around 12 bn € end of 2024 and 30 bn € by
2027.
See also chapter 7.2
Fairer competition between
banks and non-bank PSPs
Many PIs and EMIs will be able to
offer credit transfers, including
instant payments, to customers for
the first time.
Better enforcement and
harmonised application of
PSD2
Difficult to quantify. Qualitative
benefits will include:
 A detailed and coherent set of
rules for entities subject to EU
payments legislation
This topic combines the measures discussed
in the main impact assessment under
“improvement of enforcement and
implementation” and also the technical
clarifications described in Annex 7.
5
 Further removal of
fragmentation including of
gold-plating in the Internal
Market
 Lower compliance costs over
time (as the EU payments
legislation is to large extent
clear, up to date and self-
explaining and therefore easy
to apply)
 Higher legal certainty
 Reduction in waiting time for
action by PSPs with
complaints to NCAs.
Greater consumer rights and
information
Not quantifiable See Annex 10
Merger of regimes for
Payment Institutions and E-
money Institutions
Administrative cost savings for PIs
and EMIs
These two regimes will be combined and
simplified (see Annex 8)
Indirect benefits
A wider range of better priced
payment services available
Not quantifiable In particular, new OB services and new
services from PIs and EMIs
Reduced costs for PSP of fraud
complaints handling
Not quantifiable
Reduced complaints for NCAs
to handle
Not quantifiable
II. Overview of costs – Preferred option II. Overview of costs – Preferred option
Citizens/Consumers Businesses1
Administrations
One-off Recurrent One-off Recurrent One-off Recurrent
Fraud
reduction
Direct
adjustment
costs
None Possible fees
as users of
the IBAN
verification
service
IBAN
verification: for
those PSPs not
already obliged
to offer this
service, about
1200-1300 in
number, in the
area of a few
hundred
thousand euro,
possibly less.
IBAN
verification:
for those
PSPs not
already
obliged to
offer this
service, in
the range of
several
thousand €
and € 350
000,
depending on
None Possible fees as
users of the
IBAN
verification
service
1
This category includes both business users of IPs and the PSPs.
6
the size of
the PSP and
the extent to
which costs
are recovered
through fees.
Costs of
exchanging
data on fraud
(voluntary)
Indirect costs None None None ASPSPs:
possible
compensatio
n to payers in
cases where
IBAN/name
check failed
None None
Enforcement
cost
None None None None None None
Improvements
to user rights
Direct
adjustment
costs
None None None Min. 123m €.
Education
campaigns
for customers
on their
rights/
obligations,
improving
financial
literacy, and
alerting on
fraud
schemes.
Cost based
on the
VVA/CEPS’
study
estimates for
ASPSPs.
None None
Indirect costs None None None None None None
Enforcement
cost
None None None None None Cost of
complaints
handling for
NCAs
Open Banking
improvements
Direct
adjustment
costs
None None For some
ASPSPs, cost of
upgrading OB
APIs or of
creating new
dedicated
interfaces where
there is none
(options 2a+2d),
estimated at
Any
maintenance
costs of a
dedicated
interface
should be
offset by the
fact that a
fallback
interface is
None None
7
€190 ml net.
For all ASPSPs,
cost of creating
permissions
dashboards,
total cost from
€12ml to €48ml
For TPPs, total
cost of adapting
to API changes
up to €26 ml,
offset by
savings from
better APIs and
no fallback
no longer
required
Limited
maintenance
cost of
permissions
dashboards
Indirect costs None None None None None None
Enforcement
cost
None None None None None Cost of
complaints
handling for
NCAs
Better
enforcement
and
application in
Member
States
Direct
adjustment
costs
None None None In some
cases,
higher
penalties for
breaches
Adjustment
costs of
familiarisation
with new rules
(for example
Open
banking), and
recruitment of
extra staff in
some cases
Enforcement of
compliance;
costs for NCAs
for human
resources e.g.
for maintaining
specialised
teams
supervising the
various clarified
provisions on
open banking
and fraud
prevention,
possibly offset
by fees levied to
the supervised
entities.
Possible 10%
rise in cost of
supervision
(estimated by
the VVA/CEPS
study about
€28m/€30m per
year EU-wide)
Indirect costs None None None None None None
Enforcement
cost
None None See above None See above See above
8
Non-bank PSP
access to
payment
systems
Direct
adjustment
costs
None None For payment
system
operators, cost
of risk
assessment and
admission
procedure for
PIs and EMIs
For payment
system
operators,
ongoing
monitoring
of new
participants
For central
banks as
payment system
operators, cost
of risk
assessment and
admission
procedure for
PIs and EMIs
For central banks
as payment
system operators,
ongoing
monitoring of
new participants
Indirect costs None None None None None None
Enforcement
cost
None None None None None For NCAs, cost
of enforcement
Costs related to the ‘one in, one out’ approach
Total
Direct
adjustment
costs
None None One-off
implementation
costs in the
ranges given
above
Recurrent
implementati
on costs in
the ranges
given above
Indirect
adjustment
costs
None None None None
Administrativ
e costs (for
offsetting)
None None None None
Electronically signed on 03/03/2023 11:19 (UTC+01) in accordance with Article 11 of Commission Decision (EU) 2021/2121